summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSascha Hauer <s.hauer@pengutronix.de>2020-03-26 09:03:03 +0100
committerSascha Hauer <s.hauer@pengutronix.de>2020-03-31 12:15:39 +0200
commita2481d09aa76bf50da6d9ce0b5607920988fccac (patch)
treee581ab74f4e44c4fc6557261ea66bded210145f2
parentb5e57a455df4ac27d52146a9d062cb9397dc4ece (diff)
downloadbarebox-a2481d09aa76bf50da6d9ce0b5607920988fccac.tar.gz
arm64: Set PXN/UXN attributes for uncached mem
The attributes should be set to avoid speculative access to memory-mapped peripherals. The patch has been tested with: noinline unsigned long nox(void) { return get_pc(); } static void xn_test(void) { void *adr = (void *)SOME_SRAM_ADDRESS; unsigned long ret; unsigned long (*fn)(void) = adr; memcpy(adr, nox, 0x1000); sync_caches_for_execution(); ret = fn(); printf("pc: 0x%08lx\n", ret); } Without this patch nox() gets executed in SRAM, with it runs into a abort as expected. Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
-rw-r--r--arch/arm/cpu/mmu-early_64.c3
-rw-r--r--arch/arm/cpu/mmu_64.c4
-rw-r--r--arch/arm/cpu/mmu_64.h17
3 files changed, 21 insertions, 3 deletions
diff --git a/arch/arm/cpu/mmu-early_64.c b/arch/arm/cpu/mmu-early_64.c
index 94e3726..a7598f2 100644
--- a/arch/arm/cpu/mmu-early_64.c
+++ b/arch/arm/cpu/mmu-early_64.c
@@ -67,7 +67,8 @@ void mmu_early_enable(unsigned long membase, unsigned long memsize,
el = current_el();
set_ttbr_tcr_mair(el, ttb, calc_tcr(el, EARLY_BITS_PER_VA), MEMORY_ATTRIBUTES);
- create_sections((void *)ttb, 0, 0, 1UL << (EARLY_BITS_PER_VA - 1), UNCACHED_MEM);
+ create_sections((void *)ttb, 0, 0, 1UL << (EARLY_BITS_PER_VA - 1),
+ attrs_uncached_mem());
create_sections((void *)ttb, membase, membase, memsize, CACHED_MEM);
tlb_invalidate();
isb();
diff --git a/arch/arm/cpu/mmu_64.c b/arch/arm/cpu/mmu_64.c
index 8181658..14d955c 100644
--- a/arch/arm/cpu/mmu_64.c
+++ b/arch/arm/cpu/mmu_64.c
@@ -165,7 +165,7 @@ int arch_remap_range(void *_start, size_t size, unsigned flags)
attrs = CACHED_MEM;
break;
case MAP_UNCACHED:
- attrs = UNCACHED_MEM;
+ attrs = attrs_uncached_mem();
break;
default:
return -EINVAL;
@@ -201,7 +201,7 @@ void __mmu_init(bool mmu_on)
pr_debug("ttb: 0x%p\n", ttb);
/* create a flat mapping */
- create_sections(0, 0, 1UL << (BITS_PER_VA - 1), UNCACHED_MEM);
+ create_sections(0, 0, 1UL << (BITS_PER_VA - 1), attrs_uncached_mem());
/* Map sdram cached. */
for_each_memory_bank(bank)
diff --git a/arch/arm/cpu/mmu_64.h b/arch/arm/cpu/mmu_64.h
index a2a5477..9bbb62f 100644
--- a/arch/arm/cpu/mmu_64.h
+++ b/arch/arm/cpu/mmu_64.h
@@ -8,6 +8,23 @@
PTE_BLOCK_OUTER_SHARE | \
PTE_BLOCK_AF)
+static inline unsigned long attrs_uncached_mem(void)
+{
+ unsigned long attrs = UNCACHED_MEM;
+
+ switch (current_el()) {
+ case 3:
+ case 2:
+ attrs |= PTE_BLOCK_UXN;
+ break;
+ default:
+ attrs |= PTE_BLOCK_UXN | PTE_BLOCK_PXN;
+ break;
+ }
+
+ return attrs;
+}
+
/*
* Do it the simple way for now and invalidate the entire tlb
*/